1 /* rwmmap.c - rewrite/mapping routines */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1999-2011 The OpenLDAP Foundation.
6 * Portions Copyright 1999-2003 Howard Chu.
7 * Portions Copyright 2000-2003 Pierangelo Masarati.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted only as authorized by the OpenLDAP
14 * A copy of this license is available in the file LICENSE in the
15 * top-level directory of the distribution or, alternatively, at
16 * <http://www.OpenLDAP.org/license.html>.
19 * This work was initially developed by the Howard Chu for inclusion
20 * in OpenLDAP Software and subsequently enhanced by Pierangelo
30 #include <ac/string.h>
31 #include <ac/socket.h>
36 #undef ldap_debug /* silence a warning in ldap-int.h */
37 #include "../../../libraries/libldap/ldap-int.h"
40 rwm_mapping_cmp( const void *c1, const void *c2 )
42 struct ldapmapping *map1 = (struct ldapmapping *)c1;
43 struct ldapmapping *map2 = (struct ldapmapping *)c2;
44 int rc = map1->m_src.bv_len - map2->m_src.bv_len;
50 return strcasecmp( map1->m_src.bv_val, map2->m_src.bv_val );
54 rwm_mapping_dup( void *c1, void *c2 )
56 struct ldapmapping *map1 = (struct ldapmapping *)c1;
57 struct ldapmapping *map2 = (struct ldapmapping *)c2;
58 int rc = map1->m_src.bv_len - map2->m_src.bv_len;
64 return ( ( strcasecmp( map1->m_src.bv_val, map2->m_src.bv_val ) == 0 ) ? -1 : 0 );
68 rwm_map_init( struct ldapmap *lm, struct ldapmapping **m )
70 struct ldapmapping *mapping;
78 mapping = (struct ldapmapping *)ch_calloc( 2,
79 sizeof( struct ldapmapping ) );
80 if ( mapping == NULL ) {
81 return LDAP_NO_MEMORY;
84 /* NOTE: this is needed to make sure that
86 * does not filter out all attributes including objectClass */
87 rc = slap_str2ad( "objectClass", &mapping[0].m_src_ad, &text );
88 if ( rc != LDAP_SUCCESS ) {
93 mapping[0].m_dst_ad = mapping[0].m_src_ad;
94 ber_dupbv( &mapping[0].m_src, &mapping[0].m_src_ad->ad_cname );
95 ber_dupbv( &mapping[0].m_dst, &mapping[0].m_src );
97 mapping[1].m_src = mapping[0].m_src;
98 mapping[1].m_dst = mapping[0].m_dst;
99 mapping[1].m_src_ad = mapping[0].m_src_ad;
100 mapping[1].m_dst_ad = mapping[1].m_src_ad;
102 avl_insert( &lm->map, (caddr_t)&mapping[0],
103 rwm_mapping_cmp, rwm_mapping_dup );
104 avl_insert( &lm->remap, (caddr_t)&mapping[1],
105 rwm_mapping_cmp, rwm_mapping_dup );
113 rwm_mapping( struct ldapmap *map, struct berval *s, struct ldapmapping **m, int remap )
116 struct ldapmapping fmapping;
124 /* let special attrnames slip through (ITS#5760) */
125 if ( bvmatch( s, slap_bv_no_attrs )
126 || bvmatch( s, slap_bv_all_user_attrs )
127 || bvmatch( s, slap_bv_all_operational_attrs ) )
133 if ( remap == RWM_REMAP ) {
141 *m = (struct ldapmapping *)avl_find( tree, (caddr_t)&fmapping,
145 return map->drop_missing;
152 rwm_map( struct ldapmap *map, struct berval *s, struct berval *bv, int remap )
154 struct ldapmapping *mapping;
156 /* map->map may be NULL when mapping is configured,
157 * but map->remap can't */
158 if ( map->remap == NULL ) {
164 ( void )rwm_mapping( map, s, &mapping, remap );
165 if ( mapping != NULL ) {
166 if ( !BER_BVISNULL( &mapping->m_dst ) ) {
167 *bv = mapping->m_dst;
172 if ( !map->drop_missing ) {
178 * Map attribute names in place
183 struct ldapmap *at_map,
184 struct ldapmap *oc_map,
191 assert( anp != NULL );
199 for ( i = 0; !BER_BVISNULL( &an[i].an_name ); i++ )
201 *anp = op->o_tmpalloc( ( i + 1 )* sizeof( AttributeName ),
203 if ( *anp == NULL ) {
204 return LDAP_NO_MEMORY;
207 for ( i = 0, j = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
208 struct ldapmapping *m;
209 int at_drop_missing = 0,
212 if ( an[i].an_desc ) {
214 /* FIXME: better leave as is? */
218 at_drop_missing = rwm_mapping( at_map, &an[i].an_name, &m, remap );
219 if ( at_drop_missing || ( m && BER_BVISNULL( &m->m_dst ) ) ) {
230 if ( remap == RWM_MAP ) {
231 (*anp)[j].an_name = m->m_dst;
232 (*anp)[j].an_desc = m->m_dst_ad;
234 (*anp)[j].an_name = m->m_src;
235 (*anp)[j].an_desc = m->m_src_ad;
242 } else if ( an[i].an_oc ) {
244 /* FIXME: better leave as is? */
248 oc_drop_missing = rwm_mapping( oc_map, &an[i].an_name, &m, remap );
250 if ( oc_drop_missing || ( m && BER_BVISNULL( &m->m_dst ) ) ) {
261 if ( remap == RWM_MAP ) {
262 (*anp)[j].an_name = m->m_dst;
263 (*anp)[j].an_oc = m->m_dst_oc;
265 (*anp)[j].an_name = m->m_src;
266 (*anp)[j].an_oc = m->m_src_oc;
270 at_drop_missing = rwm_mapping( at_map, &an[i].an_name, &m, remap );
272 if ( at_drop_missing || !m ) {
273 oc_drop_missing = rwm_mapping( oc_map, &an[i].an_name, &m, remap );
275 /* if both at_map and oc_map required to drop missing,
277 if ( oc_drop_missing && at_drop_missing ) {
281 /* if no oc_map mapping was found and at_map required
282 * to drop missing, then do it; otherwise, at_map wins
283 * and an is considered an attr and is left unchanged */
285 if ( at_drop_missing ) {
293 if ( BER_BVISNULL( &m->m_dst ) ) {
298 if ( remap == RWM_MAP ) {
299 (*anp)[j].an_name = m->m_dst;
300 (*anp)[j].an_oc = m->m_dst_oc;
302 (*anp)[j].an_name = m->m_src;
303 (*anp)[j].an_oc = m->m_src_oc;
309 if ( !BER_BVISNULL( &m->m_dst ) ) {
311 if ( remap == RWM_MAP ) {
312 (*anp)[j].an_name = m->m_dst;
313 (*anp)[j].an_desc = m->m_dst_ad;
315 (*anp)[j].an_name = m->m_src;
316 (*anp)[j].an_desc = m->m_src_ad;
324 if ( j == 0 && i != 0 ) {
325 memset( &(*anp)[0], 0, sizeof( AttributeName ) );
326 (*anp)[0].an_name = *slap_bv_no_attrs;
329 memset( &(*anp)[j], 0, sizeof( AttributeName ) );
337 struct ldapmap *at_map,
340 char ***mapped_attrs )
346 *mapped_attrs = NULL;
350 for ( i = 0; !BER_BVISNULL( &an[ i ].an_name ); i++ )
353 na = (char **)ch_calloc( i + 1, sizeof( char * ) );
355 *mapped_attrs = NULL;
356 return LDAP_NO_MEMORY;
359 for ( i = j = 0; !BER_BVISNULL( &an[i].an_name ); i++ ) {
360 struct ldapmapping *mapping;
362 if ( rwm_mapping( at_map, &an[i].an_name, &mapping, remap ) ) {
367 na[ j++ ] = an[ i ].an_name.bv_val;
369 } else if ( !BER_BVISNULL( &mapping->m_dst ) ) {
370 na[ j++ ] = mapping->m_dst.bv_val;
374 if ( j == 0 && i != 0 ) {
375 na[ j++ ] = LDAP_NO_ATTRS;
389 AttributeDescription **adp,
390 struct berval *mapped_attr,
391 struct berval *value,
392 struct berval *mapped_value,
396 struct berval vtmp = BER_BVNULL;
398 AttributeDescription *ad = *adp;
399 struct ldapmapping *mapping = NULL;
401 rwm_mapping( &dc->rwmap->rwm_at, &ad->ad_cname, &mapping, remap );
402 if ( mapping == NULL ) {
403 if ( dc->rwmap->rwm_at.drop_missing ) {
407 *mapped_attr = ad->ad_cname;
410 *mapped_attr = mapping->m_dst;
413 if ( value != NULL ) {
414 assert( mapped_value != NULL );
416 if ( ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName
417 || ( mapping != NULL && mapping->m_dst_ad->ad_type->sat_syntax == slap_schema.si_syn_distinguishedName ) )
422 fdc.ctx = "searchFilterAttrDN";
425 rc = rwm_dn_massage_normalize( &fdc, value, &vtmp );
428 if ( vtmp.bv_val != value->bv_val ) {
433 case LDAP_UNWILLING_TO_PERFORM:
439 } else if ( ad->ad_type->sat_equality->smr_usage & SLAP_MR_MUTATION_NORMALIZER ) {
440 if ( ad->ad_type->sat_equality->smr_normalize(
441 (SLAP_MR_DENORMALIZE|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX),
442 NULL, NULL, value, &vtmp, memctx ) )
448 } else if ( ad == slap_schema.si_ad_objectClass
449 || ad == slap_schema.si_ad_structuralObjectClass )
451 rwm_map( &dc->rwmap->rwm_oc, value, &vtmp, remap );
452 if ( BER_BVISNULL( &vtmp ) || BER_BVISEMPTY( &vtmp ) ) {
460 filter_escape_value_x( &vtmp, mapped_value, memctx );
464 ch_free( vtmp.bv_val );
468 ber_memfree_x( vtmp.bv_val, memctx );
473 if ( mapping != NULL ) {
474 assert( mapping->m_dst_ad != NULL );
475 *adp = mapping->m_dst_ad;
482 rwm_int_filter_map_rewrite(
486 struct berval *fstr )
490 AttributeDescription *ad;
495 /* better than nothing... */
496 ber_bvfalse = BER_BVC( "(!(objectClass=*))" ),
497 ber_bvtf_false = BER_BVC( "(|)" ),
498 /* better than nothing... */
499 ber_bvtrue = BER_BVC( "(objectClass=*)" ),
500 ber_bvtf_true = BER_BVC( "(&)" ),
502 /* no longer needed; preserved for completeness */
503 ber_bvundefined = BER_BVC( "(?=undefined)" ),
505 ber_bverror = BER_BVC( "(?=error)" ),
506 ber_bvunknown = BER_BVC( "(?=unknown)" ),
507 ber_bvnone = BER_BVC( "(?=none)" );
510 assert( fstr != NULL );
514 ber_dupbv_x( fstr, &ber_bvnone, op->o_tmpmemctx );
519 /* ITS#6814: give the caller a chance to use undefined filters */
520 if ( f->f_choice & SLAPD_FILTER_UNDEFINED ) {
525 switch ( f->f_choice & SLAPD_FILTER_MASK ) {
526 case LDAP_FILTER_EQUALITY:
528 if ( map_attr_value( dc, &ad, &atmp,
529 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
534 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(=)" );
535 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
537 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=%s)",
538 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
540 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
545 if ( map_attr_value( dc, &ad, &atmp,
546 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
551 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(>=)" );
552 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
554 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s>=%s)",
555 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
557 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
562 if ( map_attr_value( dc, &ad, &atmp,
563 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
568 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(<=)" );
569 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
571 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s<=%s)",
572 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
574 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
577 case LDAP_FILTER_APPROX:
579 if ( map_attr_value( dc, &ad, &atmp,
580 &f->f_av_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
585 fstr->bv_len = atmp.bv_len + vtmp.bv_len + STRLENOF( "(~=)" );
586 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
588 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s~=%s)",
589 atmp.bv_val, vtmp.bv_len ? vtmp.bv_val : "" );
591 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
594 case LDAP_FILTER_SUBSTRINGS:
596 if ( map_attr_value( dc, &ad, &atmp,
597 NULL, NULL, RWM_MAP, op->o_tmpmemctx ) )
602 /* cannot be a DN ... */
604 fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" );
605 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx );
607 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
610 if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
613 filter_escape_value_x( &f->f_sub_initial, &vtmp, op->o_tmpmemctx );
615 fstr->bv_len += vtmp.bv_len;
616 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
619 snprintf( &fstr->bv_val[len - 2], vtmp.bv_len + 3,
620 /* "(attr=" */ "%s*)",
621 vtmp.bv_len ? vtmp.bv_val : "" );
623 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
626 if ( f->f_sub_any != NULL ) {
627 for ( i = 0; !BER_BVISNULL( &f->f_sub_any[i] ); i++ ) {
629 filter_escape_value_x( &f->f_sub_any[i], &vtmp,
632 fstr->bv_len += vtmp.bv_len + 1;
633 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
636 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3,
637 /* "(attr=[init]*[any*]" */ "%s*)",
638 vtmp.bv_len ? vtmp.bv_val : "" );
639 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
643 if ( !BER_BVISNULL( &f->f_sub_final ) ) {
646 filter_escape_value_x( &f->f_sub_final, &vtmp, op->o_tmpmemctx );
648 fstr->bv_len += vtmp.bv_len;
649 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
652 snprintf( &fstr->bv_val[len - 1], vtmp.bv_len + 3,
653 /* "(attr=[init*][any*]" */ "%s)",
654 vtmp.bv_len ? vtmp.bv_val : "" );
656 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
661 case LDAP_FILTER_PRESENT:
663 if ( map_attr_value( dc, &ad, &atmp,
664 NULL, NULL, RWM_MAP, op->o_tmpmemctx ) )
669 fstr->bv_len = atmp.bv_len + STRLENOF( "(=*)" );
670 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
672 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
676 case LDAP_FILTER_AND:
678 case LDAP_FILTER_NOT:
679 fstr->bv_len = STRLENOF( "(%)" );
680 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 128, op->o_tmpmemctx );
682 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%c)",
683 f->f_choice == LDAP_FILTER_AND ? '&' :
684 f->f_choice == LDAP_FILTER_OR ? '|' : '!' );
686 for ( p = f->f_list; p != NULL; p = p->f_next ) {
691 rc = rwm_int_filter_map_rewrite( op, dc, p, &vtmp );
692 if ( rc != LDAP_SUCCESS ) {
696 fstr->bv_len += vtmp.bv_len;
697 fstr->bv_val = op->o_tmprealloc( fstr->bv_val, fstr->bv_len + 1,
700 snprintf( &fstr->bv_val[len-1], vtmp.bv_len + 2,
701 /*"("*/ "%s)", vtmp.bv_len ? vtmp.bv_val : "" );
703 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
708 case LDAP_FILTER_EXT: {
709 if ( f->f_mr_desc ) {
711 if ( map_attr_value( dc, &ad, &atmp,
712 &f->f_mr_value, &vtmp, RWM_MAP, op->o_tmpmemctx ) )
718 BER_BVSTR( &atmp, "" );
719 filter_escape_value_x( &f->f_mr_value, &vtmp, op->o_tmpmemctx );
723 fstr->bv_len = atmp.bv_len +
724 ( f->f_mr_dnattrs ? STRLENOF( ":dn" ) : 0 ) +
725 ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len + 1 : 0 ) +
726 vtmp.bv_len + STRLENOF( "(:=)" );
727 fstr->bv_val = op->o_tmpalloc( fstr->bv_len + 1, op->o_tmpmemctx );
729 snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)",
731 f->f_mr_dnattrs ? ":dn" : "",
732 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? ":" : "",
733 !BER_BVISEMPTY( &f->f_mr_rule_text ) ? f->f_mr_rule_text.bv_val : "",
734 vtmp.bv_len ? vtmp.bv_val : "" );
735 op->o_tmpfree( vtmp.bv_val, op->o_tmpmemctx );
741 filter_free_x( op, f, 0 );
742 f->f_choice = SLAPD_FILTER_COMPUTED;
743 f->f_result = SLAPD_COMPARE_UNDEFINED;
746 case SLAPD_FILTER_COMPUTED:
747 switch ( f->f_result ) {
748 case LDAP_COMPARE_FALSE:
749 /* FIXME: treat UNDEFINED as FALSE */
750 case SLAPD_COMPARE_UNDEFINED:
751 if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) {
752 tmp = &ber_bvtf_false;
758 case LDAP_COMPARE_TRUE:
759 if ( dc->rwmap->rwm_flags & RWM_F_SUPPORT_T_F ) {
760 tmp = &ber_bvtf_true;
771 ber_dupbv_x( fstr, tmp, op->o_tmpmemctx );
775 ber_dupbv_x( fstr, &ber_bvunknown, op->o_tmpmemctx );
783 rwm_filter_map_rewrite(
787 struct berval *fstr )
793 rc = rwm_int_filter_map_rewrite( op, dc, f, fstr );
802 fdc.ctx = "searchFilter";
804 switch ( rewrite_session( fdc.rwmap->rwm_rw, fdc.ctx,
805 ( !BER_BVISEMPTY( &ftmp ) ? ftmp.bv_val : "" ),
806 fdc.conn, &fstr->bv_val ) )
808 case REWRITE_REGEXEC_OK:
809 if ( !BER_BVISNULL( fstr ) ) {
810 fstr->bv_len = strlen( fstr->bv_val );
816 Debug( LDAP_DEBUG_ARGS,
817 "[rw] %s: \"%s\" -> \"%s\"\n",
818 fdc.ctx, ftmp.bv_val, fstr->bv_val );
819 if ( fstr->bv_val != ftmp.bv_val ) {
820 ber_bvreplace_x( &ftmp, fstr, op->o_tmpmemctx );
821 ch_free( fstr->bv_val );
827 case REWRITE_REGEXEC_UNWILLING:
829 fdc.rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
830 fdc.rs->sr_text = "Operation not allowed";
832 op->o_tmpfree( ftmp.bv_val, op->o_tmpmemctx );
833 rc = LDAP_UNWILLING_TO_PERFORM;
836 case REWRITE_REGEXEC_ERR:
838 fdc.rs->sr_err = LDAP_OTHER;
839 fdc.rs->sr_text = "Rewrite error";
841 op->o_tmpfree( ftmp.bv_val, op->o_tmpmemctx );
850 * I don't like this much, but we need two different
851 * functions because different heap managers may be
852 * in use in back-ldap/meta to reduce the amount of
853 * calls to malloc routines, and some of the free()
854 * routines may be macros with args
857 rwm_referral_rewrite(
862 BerVarray *pa_nvals )
864 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
865 struct ldaprwmap *rwmap =
866 (struct ldaprwmap *)on->on_bi.bi_private;
871 struct berval dn = BER_BVNULL,
874 assert( a_vals != NULL );
877 * Rewrite the dn if needed
880 dc.conn = op->o_conn;
882 dc.ctx = (char *)cookie;
884 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ )
888 if ( pa_nvals != NULL ) {
889 if ( *pa_nvals == NULL ) {
890 *pa_nvals = ch_malloc( ( last + 2 ) * sizeof(struct berval) );
891 memset( *pa_nvals, 0, ( last + 2 ) * sizeof(struct berval) );
895 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
896 struct berval olddn = BER_BVNULL,
902 rc = ldap_url_parse( oldval.bv_val, &ludp );
903 if ( rc != LDAP_URL_SUCCESS ) {
904 /* leave attr untouched if massage failed */
905 if ( pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
906 ber_dupbv( &(*pa_nvals)[i], &oldval );
911 /* FIXME: URLs like "ldap:///dc=suffix" if passed
912 * thru ldap_url_parse() and ldap_url_desc2str()
913 * get rewritten as "ldap:///dc=suffix??base";
914 * we don't want this to occur... */
915 if ( ludp->lud_scope == LDAP_SCOPE_BASE ) {
916 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
919 ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
924 rc = rwm_dn_massage_pretty_normalize( &dc, &olddn,
927 rc = rwm_dn_massage_pretty( &dc, &olddn, &dn );
931 case LDAP_UNWILLING_TO_PERFORM:
933 * FIXME: need to check if it may be considered
934 * legal to trim values when adding/modifying;
935 * it should be when searching (e.g. ACLs).
937 ch_free( a_vals[i].bv_val );
939 a_vals[i] = a_vals[last];
941 (*pa_nvals)[i] = (*pa_nvals)[last];
944 BER_BVZERO( &a_vals[last] );
946 BER_BVZERO( &(*pa_nvals)[last] );
952 if ( !BER_BVISNULL( &dn ) && dn.bv_val != olddn.bv_val ) {
955 ludp->lud_dn = dn.bv_val;
956 newurl = ldap_url_desc2str( ludp );
957 ludp->lud_dn = olddn.bv_val;
958 ch_free( dn.bv_val );
959 if ( newurl == NULL ) {
960 /* FIXME: leave attr untouched
961 * even if ldap_url_desc2str failed...
966 ber_str2bv( newurl, 0, 1, &a_vals[i] );
967 ber_memfree( newurl );
970 ludp->lud_dn = ndn.bv_val;
971 newurl = ldap_url_desc2str( ludp );
972 ludp->lud_dn = olddn.bv_val;
973 ch_free( ndn.bv_val );
974 if ( newurl == NULL ) {
975 /* FIXME: leave attr untouched
976 * even if ldap_url_desc2str failed...
978 ch_free( a_vals[i].bv_val );
983 if ( !BER_BVISNULL( &(*pa_nvals)[i] ) ) {
984 ch_free( (*pa_nvals)[i].bv_val );
986 ber_str2bv( newurl, 0, 1, &(*pa_nvals)[i] );
987 ber_memfree( newurl );
990 ch_free( oldval.bv_val );
991 ludp->lud_dn = olddn.bv_val;
996 /* leave attr untouched if massage failed */
997 if ( pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
998 ber_dupbv( &(*pa_nvals)[i], &a_vals[i] );
1002 ldap_free_urldesc( ludp );
1009 * I don't like this much, but we need two different
1010 * functions because different heap managers may be
1011 * in use in back-ldap/meta to reduce the amount of
1012 * calls to malloc routines, and some of the free()
1013 * routines may be macros with args
1021 BerVarray *pa_nvals )
1023 slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
1024 struct ldaprwmap *rwmap =
1025 (struct ldaprwmap *)on->on_bi.bi_private;
1030 struct berval dn = BER_BVNULL,
1038 if ( pa_nvals == NULL || *pa_nvals == NULL ) {
1045 * Rewrite the dn if needed
1048 dc.conn = op->o_conn;
1050 dc.ctx = (char *)cookie;
1052 for ( last = 0; !BER_BVISNULL( &in[last] ); last++ );
1054 if ( pa_nvals != NULL ) {
1055 if ( *pa_nvals == NULL ) {
1056 *pa_nvals = ch_malloc( ( last + 2 ) * sizeof(struct berval) );
1057 memset( *pa_nvals, 0, ( last + 2 ) * sizeof(struct berval) );
1061 for ( i = 0; !BER_BVISNULL( &in[i] ); i++ ) {
1067 ndn = (*pa_nvals)[i];
1068 rc = rwm_dn_massage_pretty_normalize( &dc, &in[i], &dn, &ndn );
1070 rc = rwm_dn_massage_pretty( &dc, &in[i], &dn );
1074 rc = rwm_dn_massage_normalize( &dc, &in[i], &ndn );
1078 case LDAP_UNWILLING_TO_PERFORM:
1080 * FIXME: need to check if it may be considered
1081 * legal to trim values when adding/modifying;
1082 * it should be when searching (e.g. ACLs).
1084 ch_free( in[i].bv_val );
1087 if ( a_vals && pa_nvals ) {
1088 (*pa_nvals)[i] = (*pa_nvals)[last];
1091 BER_BVZERO( &in[last] );
1092 if ( a_vals && pa_nvals ) {
1093 BER_BVZERO( &(*pa_nvals)[last] );
1100 if ( !BER_BVISNULL( &dn ) && dn.bv_val != a_vals[i].bv_val ) {
1101 ch_free( a_vals[i].bv_val );
1105 if ( !BER_BVISNULL( &(*pa_nvals)[i] ) ) {
1106 ch_free( (*pa_nvals)[i].bv_val );
1108 (*pa_nvals)[i] = ndn;
1113 if ( !BER_BVISNULL( &ndn ) && ndn.bv_val != (*pa_nvals)[i].bv_val ) {
1114 ch_free( (*pa_nvals)[i].bv_val );
1115 (*pa_nvals)[i] = ndn;
1121 /* leave attr untouched if massage failed */
1122 if ( a_vals && pa_nvals && BER_BVISNULL( &(*pa_nvals)[i] ) ) {
1123 dnNormalize( 0, NULL, NULL, &a_vals[i], &(*pa_nvals)[i], NULL );
1133 rwm_referral_result_rewrite(
1139 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ );
1142 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
1148 rc = ldap_url_parse( a_vals[i].bv_val, &ludp );
1149 if ( rc != LDAP_URL_SUCCESS ) {
1150 /* leave attr untouched if massage failed */
1154 /* FIXME: URLs like "ldap:///dc=suffix" if passed
1155 * thru ldap_url_parse() and ldap_url_desc2str()
1156 * get rewritten as "ldap:///dc=suffix??base";
1157 * we don't want this to occur... */
1158 if ( ludp->lud_scope == LDAP_SCOPE_BASE ) {
1159 ludp->lud_scope = LDAP_SCOPE_DEFAULT;
1162 ber_str2bv( ludp->lud_dn, 0, 0, &olddn );
1165 rc = rwm_dn_massage_pretty( dc, &olddn, &dn );
1167 case LDAP_UNWILLING_TO_PERFORM:
1169 * FIXME: need to check if it may be considered
1170 * legal to trim values when adding/modifying;
1171 * it should be when searching (e.g. ACLs).
1173 ch_free( a_vals[i].bv_val );
1175 a_vals[i] = a_vals[last];
1177 BER_BVZERO( &a_vals[last] );
1183 /* leave attr untouched if massage failed */
1184 if ( !BER_BVISNULL( &dn ) && olddn.bv_val != dn.bv_val ) {
1187 ludp->lud_dn = dn.bv_val;
1188 newurl = ldap_url_desc2str( ludp );
1189 if ( newurl == NULL ) {
1190 /* FIXME: leave attr untouched
1191 * even if ldap_url_desc2str failed...
1196 ch_free( a_vals[i].bv_val );
1197 ber_str2bv( newurl, 0, 1, &a_vals[i] );
1198 ber_memfree( newurl );
1199 ludp->lud_dn = olddn.bv_val;
1204 ldap_free_urldesc( ludp );
1211 rwm_dnattr_result_rewrite(
1218 for ( last = 0; !BER_BVISNULL( &a_vals[last] ); last++ );
1221 for ( i = 0; !BER_BVISNULL( &a_vals[i] ); i++ ) {
1222 struct berval pdn, ndn = BER_BVNULL;
1226 rc = rwm_dn_massage_pretty_normalize( dc, &a_vals[i], &pdn, &ndn );
1228 case LDAP_UNWILLING_TO_PERFORM:
1230 * FIXME: need to check if it may be considered
1231 * legal to trim values when adding/modifying;
1232 * it should be when searching (e.g. ACLs).
1234 assert( a_vals[i].bv_val != a_nvals[i].bv_val );
1235 ch_free( a_vals[i].bv_val );
1236 ch_free( a_nvals[i].bv_val );
1238 a_vals[i] = a_vals[last];
1239 a_nvals[i] = a_nvals[last];
1241 BER_BVZERO( &a_vals[last] );
1242 BER_BVZERO( &a_nvals[last] );
1247 /* leave attr untouched if massage failed */
1248 if ( !BER_BVISNULL( &pdn ) && a_vals[i].bv_val != pdn.bv_val ) {
1249 ch_free( a_vals[i].bv_val );
1252 if ( !BER_BVISNULL( &ndn ) && a_nvals[i].bv_val != ndn.bv_val ) {
1253 ch_free( a_nvals[i].bv_val );
1264 rwm_mapping_dst_free( void *v_mapping )
1266 struct ldapmapping *mapping = v_mapping;
1268 if ( BER_BVISEMPTY( &mapping[0].m_dst ) ) {
1269 rwm_mapping_free( &mapping[ -1 ] );
1274 rwm_mapping_free( void *v_mapping )
1276 struct ldapmapping *mapping = v_mapping;
1278 if ( !BER_BVISNULL( &mapping[0].m_src ) ) {
1279 ch_free( mapping[0].m_src.bv_val );
1282 if ( mapping[0].m_flags & RWMMAP_F_FREE_SRC ) {
1283 if ( mapping[0].m_flags & RWMMAP_F_IS_OC ) {
1284 if ( mapping[0].m_src_oc ) {
1285 ch_free( mapping[0].m_src_oc );
1289 if ( mapping[0].m_src_ad ) {
1290 ch_free( mapping[0].m_src_ad );
1295 if ( !BER_BVISNULL( &mapping[0].m_dst ) ) {
1296 ch_free( mapping[0].m_dst.bv_val );
1299 if ( mapping[0].m_flags & RWMMAP_F_FREE_DST ) {
1300 if ( mapping[0].m_flags & RWMMAP_F_IS_OC ) {
1301 if ( mapping[0].m_dst_oc ) {
1302 ch_free( mapping[0].m_dst_oc );
1306 if ( mapping[0].m_dst_ad ) {
1307 ch_free( mapping[0].m_dst_ad );
1316 #endif /* SLAPD_OVER_RWM */